Applies To: WatchGuard CloudDR
Microsoft 365 is a suite of productivity tools and cloud-based services developed by Microsoft. Microsoft 365 is designed to help individuals, businesses, and organizations collaborate in various ways. This guide describes how to integrate Microsoft 365 with CloudDR.
Available Features
- Misconfiguration Rules
- Identity Rules
- Discovered Application Rules
- User Inventory
- Discovered Application Inventory
- Devices Inventory
Prerequisites
To configure this integration, you must have:
- A Microsoft 365 Business Basic subscription or higher.
- (Optional) A Microsoft Teams Essentials subscription.
- A user account with these roles:
- Global Reader
- Privileged Role Administrator
- Exchange Administrator
- Application-specific administrator roles (for example, Teams Administrator and SharePoint Administrator). Alternatively, you can use the Global Administrator role.
The user account must have these permissions:
Permissions for Base Integration
| Scope | Use |
|---|---|
| Mail.ReadBasic.All | Read access to basic mail properties for all mailboxes |
| Mail.ReadBasic | Read access to basic mail properties |
| Files.ReadWrite.All | Read access to basic file information for all users and sites |
| AuditLogsQuery-SharePoint.Read.All | Read access to audit log data from Sharepoint |
| AuditLogsQuery-OneDrive.Read.All | Read access to audit log data from OneDrive |
| Exchange.Manage | Read access to Exchange, Threat, Data Loss Prevention Policies, and Configurations |
| User.Read.All | Read access to all user profiles |
| Read SharePoint and OneDrive tenant settings | Read access to SharePoint and OneDrive configurations and settings for an organization |
| TeamMember.Read.All | Read access to the members of all teams |
| Team.ReadBasic.All | Read access to the list of all teams |
| Sites.Read.All | Read access to documents and list items in all list collections |
| SharePointTenantSettings.Read.All | Read access to tenant-level configurations for SharePoint and OneDrive |
| RoleManagement.Read.Directory | Read access to roles and role assignments |
| Reports.Read.All | Read access to all service usage reports |
| Policy.Read.All | Read access to all policies for an organization |
| Directory.Read.All | Read access to directory information such as users, groups, and apps |
| DelegatedPermissionGrant.ReadWrite.All | Read access to all delegated permission grants |
| AuditLog.Read.All | Read access to audit log activities |
SharePoint Permissions
| Scope | Use |
|---|---|
| Read directory data | Read access to organization information, roles, role assignments, and third-party apps |
| Read SharePoint and OneDrive tenant settings | Read access to SharePoint configurations and settings for the organization |
| Read items in all site collections | Read access to metadata for sites in the organization |
| Read directory RBAC settings | Read access to role and access-related information for users |
| Read managed metadata | Read access to metadata for public sites |
| Read and query your audit log activities | Read access to audit logs for the organization |
| Read Reports | Read access to reports |
EntraID Permissions
| Scope | Use |
|---|---|
| Read directory data | Read access to organization information, roles, role assignments, and third-party apps |
| Read your organization's policies | Read access to organization policies and configurations |
|
Read the names and descriptions of teams |
Read access to teams in the organization |
|
Read all users' full profiles |
Read access to detailed profiles for users |
Configure the Microsoft 365 Integration in CloudDR
To configure the Microsoft 365 integration in CloudDR:
- In WatchGuard Cloud, select Configure > CloudDR.
- Select the Integrations tab.
- (Service Providers) From the Select Integrations View drop-down list, select Add Integrations.
- In the Microsoft 365 widget, click Add.
- Click Start Integration.
- Select the services you want to include in the integration.
- Click Next.
- To give CloudDR access to EntraID (previously called Azure AD), in the Base Integration – Step 1 of 2 section, click Sign In with Microsoft 365, and log in with the user account identified in the prerequisites.
- Click Next.
- To give CloudDR access to Microsoft Exchange through the command line interface (CLI), in the Base Integration – Step 2 of 2 section, click Sign In with Microsoft 365, and log in with the user account identified in the prerequisites.
- Click Next.
- If you selected Data, Email Scanning, and Extended Unified Logs in Step 1, to give CloudDR access to read those files in your Microsoft 365 environment, in the Data, Email Scanning, and Extended Unified Logs section, click Sign In with Microsoft 365, and log in with the user account identified in the prerequisites.
- Click Next.
- If you selected Include Teams in the Integration in Step 1, to give CloudDR access to your Microsoft Teams configuration, in the Teams OAuth section, click Sign In with Microsoft 365, and log in with the user account identified in the prerequisites.
- Click Finish.